Re: Comments on draft-ietf-ipsec-new-auth-00.txt

["C. Harald Koch" <chk@utcc.utoronto.ca>]

In message <9704181331.AA15062@cichlid.raleigh.ibm.com>, Thomas Narten writes:
> I also agree, and have been disheartened by the number of times the
> above question has been asked but not answered.  Indeed, it has been
> my impression that the vast majority of IP packets are delivered in
> order (one reason why TCP's header prediction works well in
> practice). It is rare in practice to have packets arrive out of
> order. Which begs the question of whether a window is even
> needed. Does someone have data that argues otherwise?

Two sample points, my internet firewalls (A good place to look, since they
re-synthesize all TCP streams in/out. This is roughly akin to combining the
statistics for all 100 hosts behind the firewalls...).

----- elgreco -----
 2:39pm  up 11 days,  4:51,  1 user,  load average: 0.25, 0.16, 0.05

        5796665 packets received
                2703533 acks (for 1066489852 bytes)
                3301088 packets (900448165 bytes) received in-sequence
                107878 completely duplicate packets (10966707 bytes)
                987 packets with some dup. data (122695 bytes duped)
                198927 out-of-order packets (40226774 bytes)


----- janus -----
 2:38pm  up 11 days,  4:52,  1 user,  load average: 0.02, 0.06, 0.02

        28417190 packets received
                19533317 acks (for 371944057 bytes)
                21278080 packets (176197867 bytes) received in-sequence
                51170 completely duplicate packets (12418673 bytes)
                519 packets with some dup. data (63691 bytes duped)
                199859 out-of-order packets (69912188 bytes)


That's 6.4 percent on elgreco, and 2.3 percent on janus, of all data packets
received out-of-order. I wouldn't define that as "rare", especially given the
(additional) performance penalties for dropping them instead of queueing them.

-- 
Harald Koch <chk@utcc.utoronto.ca>